What's the New Normal in Enterprise Security?

Faced with a growing array of threats—network intrusions, data theft, DDoS attacks and more—businesses are seeking answers to urgent security questions. In the following Q&A, Rodney Joffe, who has briefed the White House and Congress and advised federal agencies on cyber-security issues, addresses key concerns.

You’ve spoken recently of the “new normal” in enterprise security. What is it?

Network compromises are the rule, not the exception. Both political actors and criminal gangs are well organized, motivated and financed. They are taking dead aim at your brand reputation, bottom line and intellectual capital.

How big of a bottom-line threat are we talking about?

This past May, crooks siphoned off $800,000 from J.T. Alexander & Son, a U.S. fuel distribution firm. If a DDoS attack knocks a large business offline, the losses could easily be a million dollars a day. When Google went down for just five minutes, they lost over $500,000 in revenue and the Internet overall saw a 40% drop in traffic.

Can you describe how attackers are getting smarter?

They are using more powerful tools. For example, some DDoS attackers utilize cloud servers. The tactics are more sophisticated, too, with DDoS sometimes used as a distraction for a network intrusion, designed to steal data or funds.

How do you know if your organization is likely to be targeted?

You should simply assume that you are. I often say that if it uses electricity and is connected to a network, it will be compromised. And if your business depends on the Internet, in some form or fashion, someone will try to disrupt you with a DDoS attack. They are easy to launch and very effective in the absence of strong defenses.

Speaking of defenses, what are some best practices?

The number one best practice is holistic security. It involves upstream DDoS mitigation to complement your downstream protection, most likely a cloud-based solution. For network intrusions, you need always-on, real-time threat intelligence and attack monitoring. Those are some of the basics. These days, you need to think big.